Malware and virus are related yet different terms, although people often use them interchangeably. Malwarebytes’ 2021 State of Malware Report states that the combined number of consumer & business malware detections on Windows devices was more than 111 million, 581,829 of which consumer malware detections were viruses. But what exactly is the difference between malware and a virus?
Ah, yes, the good ol’ “malware vs virus” debate. Will it make sense to you if I say that viruses are a type of malware, but not all types of malware are viruses? It’s a cryptic but true statement. Malware is a holistic term encompassing all types of software or code that are created with malicious intent.
But what does this mean more specifically? In this “malware vs virus” article, we’ll break down the difference between a malware and virus. Then we’ll explore some real-world examples of malware and viruses that have been making headlines in recent years.
Malware vs Virus: What Is the Difference Between Malware and a Virus?
The principal difference between a “virus” and “malware” in general lies in their individual definitions and capabilities. Malware is a blanket term that covers all types of software and code that are designed with malicious intent. Basically, malware describes various types of software written to damage computers, mobile devices, servers, clients, or entire networks.
On the other hand, a computer virus is a type of malware hidden in other programs and is executed when the program is run. Basically, it requires a trigger to execute, unlike a worm which doesn’t require user interaction. A virus can replicate itself by modifying other computer programs to insert its own code. When other devices access those infected files (such as via a network or sharing them through emails), the virus spreads from host to host.
There are many types of malware, including:
- Trojans,
- Ransomware,
- Fileless malware,
- Cryptomining malware,
- Worms, and
- Viruses.
Cybercriminals often use two or more malware combinations to launch attacks on their victims. The following figure shows many of the different types of malware that are now in use globally:
So, all computer viruses are malware, but not all types of malware are viruses. If we use a Venn diagram to represent the difference between malware and a virus, it will make it clearer for you:
With this in mind, let’s now consider what applications of malware and viruses would look like in the real world:
Real-World Examples of Viruses and Other Malware in Action
Let’s explore several real-world examples of different types of malware that we’ve seen over the years:
- US Fertility (USF) faced a ransomware attack in August and September 2020. Cybercriminals stole files containing sensitive personal data of USF patients. Ransomware also was used to encrypt data on many of the company’s servers and devices.
- A fileless cryptojacking attack dubbed PCASTLE affected individual users and businesses in China in June 2019. This is a classic example of a combination of two major types of malware. The attack was carried out by employing fileless malware to enter the victims’ system. After infecting the system, it was used to mine for a cryptocurrency called Monero. Although the criminals did not focus on any industry or type of victims, 92% of the infected computers were in China.
- A cyber attack on Australian Federal Parliament and Channel Nine: On March 28, 2021, Australian Federal Parliamentary workers faced technical disruptions that blocked mobile access to their work emails. Channel Nine also could not broadcast programs that day. Both these events were a result of a malware attack. Cyber security experts in Australia believe that the attacks were carried out by a nation-state actor, although they have not named any particular nation.
- Bugbear was a computer malware virus that spread in October 2002, infecting thousands of home and business computers. Bugbear employed a vulnerability in Microsoft Outlook and Outlook Express that allowed the virus to propagate itself and spread to another computer via the email addresses found on the infected computer’s hard drive.
- In the spring of 2004, Sasser affected millions of internet users. The computers suddenly started to sputter and reboot. Entire systems, including the British Coast Guard, Australian Train Stations, Taiwan Post Offices, Hong-Kong hospitals, and banks, had to be shut down.
Perhaps now you will understand that every virus is malware, but every malware is not a virus. A virus is just one category out of many varieties of malware. Then why is there so much confusion between the two terms? The answer lies in history and herd mentality.
Why People Commonly Mistake Computer Viruses with Other Types of Malware
The concept of a computer virus has been around since the late 40s, according to Kaspersky. In a series of lectures, mathematician John von Neumann discussed a theory of self-replicating automata that he later published in a 1966 paper. However, the term “computer virus” didn’t come around until 1983, according to WeLiveSecurity. It was coined by Dr. Leonard Adleman (namesake of the “A” in RSA encryption algorithm, which stands for the surnames of its creators Rivest, Shamir, and Adleman) to describe the program created by one of his students, Fred Cohen.
Kaspersky also reports that the first known computer virus, known as Creeper, was a harmless security test program that aimed to test self-propagation capabilities. However, in the mid-70s, viruses began taking a malicious turn. The Rabbit Virus, which first appeared in 1974, is the first one known to be created with malicious intentions. It made copies of itself on the victim’s computer, reducing its speed until the machine eventually failed and crashed.
As time went by, cyberspace was flooded with other types of malware in addition to viruses. In 1990, Israeli computer scientist and researcher Yisrael Radai coined the phrase “malware” to describe various types of malicious software. Nevertheless, the term “malware” continued to be in the back seat, with the term “virus” in the lead. Let’s consider the example of modern antivirus and anti-malware tools.
The Difference Between Antivirus vs Anti-Malware Tools
Antivirus software came into the market in the 1980s and made the term virus even more popular. Even today, many anti-malware tools are still frequently called antivirus programs as a norm. But as it turns out, there’s a difference between the two programs. Anti-malware tools protect against a broader category of newer threats, whereas antivirus solutions focus more on traditional, established threats. However, they’re both very useful tools for many businesses.
Many cyber security experts and tech-savvy people recognize the difference between a virus and malware and have been using the correct terms for years. But less technical users often still prefer the term virus and uses it interchangeably with malware. When most of the public uses the term virus, it becomes difficult to correct them all. However, the time has come when the public should be aware of the difference between the two terms to protect themselves against these threats in the most effective ways.
Malware vs Virus: The Conclusion
Finally, we can conclude by saying that malware and viruses are not the same. Viruses constitute just one category of malware, as malware is a much broader term. Malware is a term that encompasses many types of malicious programs and code — everything from behavior monitoring and credential-stealing tools to data-encrypting software and self-replicating worms.
As a virus was the first type of malware, the term is well-known to ordinary people. This is why they typically refer to all types of malware using the term virus. However, you must know the difference between the two as the preventive security measures for all types of malware are different.
